Those who understand Turing’s Theorem know that computers are ultimately all vulnerable to virtually undetectable errors and fraud. A new report reminds us just how much worse it is than we think: Wired: Hundreds of Millions of PC Components Still Have Hackable Firmware
That laptop on your desk or that server on a data center rack isn’t so much a computer as a network of them. Its interconnected devices—from hard drives to webcams to trackpads, largely sourced from third parties—have their own dedicated chips and code. That represents a serious security problem: Despite years of warnings, those computers inside your computer remain disturbingly unprotected, offering an insidious and nearly undetectable way for sophisticated hackers to maintain a foothold inside your machine.
There is a lot of lessons that could be learned from Iowa. Yet we may not learn them. On the other hand we may learn other lessons. In no particular order:
Bernie and Pete both won…
Change anything in the rules, and the result is likely to have been different…
People tend to tout their favorite reform as a cure for any crisis….
The bottom line: Be careful what you ask for, the cure may be worse than the disease. Its complicated. Don’t let a crisis go to waste, but avoid knee-jerk solutions.
“‘It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so.” – Mark Twain
We may not know who won Iowa, yet we know the losers: Internet Voting, Caucusing, and Immediate Gratification.
NYTimes article: 2020 Iowa Caucus Updates: Delayed Results Lead to Confusion
““This is an embarrassment but it shouldn’t shake people’s confidence in the results,” Mr. Halderman said. “If this had been an election conducted by phone, or online, that would have been a major disaster. We might never know the results and would have had to re-run the entire contest.”
“This is an urgent reminder,” Mr. Halderman said, “of why online voting is not ready for prime time.”
From NPR: Despite Election Security Fears, Iowa Caucuses Will Use New Smartphone App
Cybersecurity experts interviewed by NPR said that the party’s decision to withhold the technical details of its app doesn’t do much to protect the system — and instead makes it hard to have complete confidence in it.
“The idea of security through obscurity is almost always a mistake,” says Doug Jones, a computer science professor at the University of Iowa and a former caucus precinct leader. “Drawing the blinds on the process leaves us, in the public, in a position where we can’t even assess the competence of the people doing something on our behalf.”…
When initial results point to an apparent winner, then the assumption is any other person is trying to overturn the result, rather than insisting that it be accurate.
From Politico: How Close Did Russia Really Come to Hacking the 2016 Election?
Why does what happened to a small Florida company and a few electronic poll books in a single North Carolina county matter to the integrity of the national election? The story of Election Day in Durham—and what we still don’t know about it—is a window into the complex, and often fragile, infrastructure that governs American voting…
The fact that so many significant questions about VR Systems remain unanswered three years after the 2016 election undermines the government’s assertions that it’s committed to providing election officials with all of the timely information they need to secure their systems in 2020. It also raises concerns that the public may never really know what occurred in 2016.
One of the key issues this year is the purchase of Ballot Marking Devices (BMDs) for all voters vs. Voter Marked Paper Ballots. In recent weeks, two board members have resigned from Verified Voting over a perception that VV is doing too much to tout Risk Limiting Audits (RLAs) of BMDs to the detriment of secure, evidence based elections. An extensive article in the NY Review of Books highlights the issues with BMDs: How New Voting Machines Could Hack Our Democracy. By mid-week Verified Voting had issued a clarification that states its general opposition to BMDs.
Editorial: We should not be wasting Federal and state money on BMDs except for those with disabilities. Instead, we should be using a portion of the savings on developing better BMDs that better serve those with disabilities.
In the hypothetical that all states agreed to the compact, Aram thinks some election reforms would be in order:
“One of the things that I think should be done, that would need to be done, after enough states sign onto this but before it goes into effect – there should be some standardization of the balloting process, and the counting process, so we can get a reliable national tally.”..
“I’ve advocated for states to adopt this idea, but defer implementation until say 2032. So, Florida would adopt it today, but say ‘our adoption takes effect when you get to 270, but no earlier than 2032,” Amar said. “That would both give Congress time, in the meanwhile, to iron out any logistical wrinkles of the kind that you just mentioned. And it would also defuse the wrongheaded, but persistent, assumption that some people have that this is going to help one political party and hurt the other.”
Unfortunately, his recommendations do not go far enough to cure the problem he now recognizes..
From Bloomberg Expensive, Glitchy Voting Machines Expose 2020 Hacking Risks
Paper ballots may be safer and cheaper, but local officials swoon at digital equipment…
Cybersecurity experts are baffled by local election officials choosing the computerized voting machines. “It’s a mystery to me,” said Rich DeMillo, a Georgia Tech computer science professor and former Hewlett-Packard chief technology officer. “Does someone have 8 x 10 glossies? No one has been able to figure out the behavior of elections officials. It’s like they all drink the same Kool-Aid.”
The animus is mutual. At conferences, election administrators swap complaints about cyber experts treating them like idiots, said Dana DeBeauvoir, head of elections in Travis County, Texa
We have long agreed with all those calling for Voter Marked Paper Ballots. Paying double or more for machines that are risky and lead to long lines can most easily be explained by the extensive lobbying of election officials and legislative bodies.
Earlier we described the general situation with regard to the recent Bridgeport Primary and some steps in the wrong direction.<read part 1> Today we will discuss some steps that could be taken to prevent these same problems in Bridgeport, Hartford, Stamford, and elsewhere in Connecticut.
Increase Enforcement Monitor Elections With Independent Monitors Randomly Audit Absentee Votes, Envelopes, and Applications Do for Elections What We Have Done for Probate
